package org.niugang.config;

import javax.sql.DataSource;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;


@Configuration
/**
 * 
 * @ClassName:  AuthorizationServerConfiguration   
 * @Description:认证服务器 （数据库存储的）
 * @author: niugang
 * @date:   2019年01月16日 下午8:10:29   
 * @Copyright: 863263957@qq.com. All rights reserved. 
 *
 */
@EnableAuthorizationServer
@EnableResourceServer // 程序需要对外暴露获取Token的api和验证Token的API,所以程序也是一个资源服务器
@Order(6)
public class AuthorizationServerConfigurationJdbc extends AuthorizationServerConfigurerAdapter {



	/**
	 * 这个Bean是在WebSecurityConfigurerAdapter中定义的
	 */
	@Autowired
	@Qualifier("authenticationManagerBean")
	AuthenticationManager authenticationManager;
	@Autowired
	RedisConnectionFactory redisConnectionFactory;
	@Autowired
	private UserDetailsService userDetailsService;

	@Autowired
	private WebResponseExceptionTranslator customWebResponseExceptionTranslator;
	
	@Autowired
    private DataSource dataSource;
	
   
	//必须的public,private会报错
	@Bean
	public ClientDetailsService  clientDetailsService() {
		return new JdbcClientDetailsService(dataSource);
	}
	
	// 配置客户端信息
	@Override
	public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
		clients.withClientDetails(clientDetailsService()) ;

	}

	@Override
	public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
		endpoints.// token存储策略
				tokenStore(new RedisTokenStore(redisConnectionFactory))// token存储在redis中
				// 开起密码认证
				.authenticationManager(authenticationManager).userDetailsService(userDetailsService);// 密码模式需要在数据库中进行认证

		endpoints.exceptionTranslator(customWebResponseExceptionTranslator);// 错误异常
		
	}

	@Override
	public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
		// 允许表单认证
		oauthServer.allowFormAuthenticationForClients();
		//oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");

	}
}
